Resources

Blog

The Next Disruptive ICS Attacker: A Disgruntled Insider?

Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals. The damage caused by...
Blog

What Are the Key Challenges Facing IT and OT?

The events of 2020 accelerated many organizations’ efforts to converge their information technology (IT) and operational technology (OT) environments. Now that they’re immersed in this journey, some organizations are finding that it’s not quite as smooth as they were expecting. They’re learning that they need to overcome several challenges if they hope to leverage the IT-OT convergence as part of...
Blog

White House Memo Takes on Securing Critical Infrastructure Control Systems

Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event a year....
Blog

How SCM Can Protect Against Skills-Based Errors and Mistakes

People make up an important part of an organization’s security posture. That’s because some employees have the rights necessary for accessing sensitive data as well as the privileges for viewing and/or editing critical systems. If those individuals have the right focus and training, they can play a crucial part in keeping those assets safe against...
Blog

Tripwire Patch Priority Index for July 2021

Tripwire's July 2021 Patch Priority Index (PPI) brings together important vulnerabilities from VMware, Adobe, Oracle, and Microsoft. First on the patch priority list this month are patches for Microsoft Print Spooler (CVE-2021-34527, CVE-2021-1675) and vSphere Client (CVE-2021-21985). Exploits for these vulnerabilities have been recently added to...
Blog

Taking a Look at AWS and Cloud Security Monitoring

More and more companies understand the benefits of cloud computing, which is making their migration to the cloud more rapid. Per IDG’s 2020 Cloud Computing Study, 81% of organizations said that they’ve migrated either one application or a portion of their infrastructure to the cloud. The reasons why a company would shift its services towards the...
Blog

Cloud Compliance Best Practices: A Quick Overview

Cloud compliance is more important than ever, especially as businesses and organizations continue to engage in remote and digital work practices due to COVID-19. Even before the pandemic, more and more companies were migrating to the cloud. But what exactly is cloud compliance, and what are some best practices you should keep in mind if you’re...
Blog

The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions

Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial...
Blog

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate informational...
Blog

Ghidra 101: Loading Windows Symbols (PDB files) in Ghidra 10.x

In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. In...
Blog

Protecting People, Across Professional and Personal Life

Jihana Barrett, CEO of Cybrsuite explains the security needs from not just from an enterprise perspective but for day-to-day life. She also tells us about how her organization, Tech Sorority, provides valuable professional support and guidance for women in tech. https://open.spotify.com/episode/5JKIveh41lNDbgan07d1BG?si=mVV1OtHpScydCqLJWqp4aQ&dl...
Blog

Everything You Should Know About the HIPAA Enforcement Rule

With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new developments. One of the latest such updates is the Health Information Portability and Accountability (HIPAA) Enforcement rule, which has caused quite a...
Blog

British man arrested in connection with Twitter mega-hack that posted cryptocurrency scam from celebrity accounts

Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter's history. In July 2020, the Twitter accounts of public figures and well-known organisations were compromised, allowing malicious hackers to post tweets to millions of unsuspecting followers. Compromised accounts included those of then...
Blog

A Cure for a Disheartened Cybersecurity Professional

Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another security company calculated the total number of ransomware attacks for the year to be around 65,000,...
Blog

IT/OT Convergence or IT/OT Integration?

IT/OT convergence is an oft-repeated term, and maybe it's the wrong term.From a technology standpoint, IT/OT convergence has been occurring since at least the 1990s when HMI/Operator Stations began running on Windows and when Ethernet began displacing deterministic custom LAN protocols in the OT realm. This technology convergence has continued with...
Blog

What is a SIEM, And Why Should You Have One?

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified,...